Sponsored Ads

The Web Security Mailing List

"The heat in Max Butler's safe house was nearly
unbearable. It was the equipment's fault. Butler had crammed several
servers and laptops into the studio apartment high above San
Francisco's Tenderloin neighborhood, and the mass of processors and
displays produced a swelter that pulsed through the room. Butler
brought in some fans, but they didn't provide much relief. The electric
bill was so high that the apartment manager suspected Butler of
operating a hydroponic dope farm.

But if Butler was going to control the online underworld, he was
going to have to take the heat. For nearly two decades, he had honed
his skills as a hacker. He had swiped free calls from local telephone
companies and sneaked onto the machines of the US Air Force. Now, in
August 2006, he was about to pull off his most audacious gambit yet,
taking over the online black markets where cybercriminals bought and
sold everything from stolen identities to counterfeiting equipment.
Together, these sites accounted for millions of dollars in commerce
every year, and Butler had a plan to take control of it all.

Settling into his chair and resting his fingers on his keyboard like a
concert pianist, Butler began his attack. Most illegal online loot was
fenced through four so-called carder sites—marketplaces for online
criminals to buy and sell credit card numbers, Social Security numbers,
and other purloined data. One by one, Butler took them down. (This
story, like the rest of this article, has been reconstructed using
court documents and conversations with friends and associates; Butler
declined to be interviewed.) First, he breached their defenses,
tricking their SQL database servers into running his own commands or
simply slipping in with a hacked password. Once inside, he sucked out
their content, including the logins, passwords, and email addresses of
everyone who bought and sold through the sites. And then he decimated
them, wiping out the databases with the ease of an arsonist flicking a
match. He worked for two straight days; when he tired, he crashed out
on the apartment's foldaway bed for an hour or two, then got up and
went back at it. Butler sent an email under the handle Iceman to all
the thieves whose accounts he had usurped. Whether they liked it or
not, he wrote, they were now members of his own site, CardersMarket.com.
In one bold stroke, Butler had erected one of the largest criminal
marketplaces the Internet had ever seen, 6,000 users strong."

This is by far one of the most in depth articles following an attackers career and well worth the read.